Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/t_DIdqaN6y2JKMbW8hZqlx5pBLI.roa
File: t_DIdqaN6y2JKMbW8hZqlx5pBLI.roa (raw, json)
Hash identifier: sTPX3pfoCgx/hl/X8Ze0rx/7BembW5p7LcW8LP/fL7I=
Subject key identifier: B7:F0:C8:76:A6:8D:EB:2D:89:28:C6:D6:F2:16:6A:97:1E:69:04:B2
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 0194221F91D1200CD2ACFC2FB586655CB632
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/t_DIdqaN6y2JKMbW8hZqlx5pBLI.roa
Signing time: Wed 01 Jan 2025 13:48:01 +0000
ROA not before: Wed 01 Jan 2025 13:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197902
IP address blocks: 141.138.172.0/22 maxlen: 22
2a03:3c00:c000::/34 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:91:d1:20:0c:d2:ac:fc:2f:b5:86:65:5c:b6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Jan 1 13:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7f0c876a68deb2d8928c6d6f2166a971e6904b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4e:39:6e:d5:9e:21:80:3b:fa:9b:c1:a7:da:
99:3d:01:8b:df:ba:d5:d2:63:a2:da:38:3c:04:8a:
f7:33:63:ed:e8:69:aa:1e:4c:f1:99:8c:4e:cb:a8:
db:3e:12:16:67:71:f7:af:b7:e0:e6:93:92:88:f2:
ee:c9:1a:9c:fd:86:5f:0c:2e:d8:25:db:b6:9d:fa:
09:eb:e8:ca:47:83:d9:47:17:b8:61:c0:43:1a:f4:
62:27:fa:65:75:44:08:0f:7b:df:3f:8e:e8:24:ab:
5c:c5:99:8d:f9:d4:32:30:48:45:b4:55:9e:05:2e:
57:b0:03:5f:57:2f:93:e9:be:f5:0c:02:7d:3b:be:
75:71:41:04:f5:df:34:d5:c0:8d:d0:00:3f:85:22:
61:69:8b:24:14:82:e1:b3:e1:39:6f:a8:e5:c1:ff:
f4:b6:56:ed:7e:10:86:9c:95:79:e5:da:72:77:cd:
14:ad:e1:a8:74:92:2e:48:b9:4b:c7:52:d0:f7:35:
40:ae:38:46:b6:b3:07:8e:15:4e:a7:66:9f:58:8a:
a5:35:4a:d6:c4:01:46:d3:b4:cf:52:01:5a:4f:a0:
f5:7c:08:fc:b9:13:1d:83:5b:54:ee:98:e1:95:2d:
b0:c8:4c:f1:c7:8f:c9:b7:ce:b4:37:72:24:31:e9:
2c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F0:C8:76:A6:8D:EB:2D:89:28:C6:D6:F2:16:6A:97:1E:69:04:B2
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/t_DIdqaN6y2JKMbW8hZqlx5pBLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.172.0/22
IPv6:
2a03:3c00:c000::/34
Signature Algorithm: sha256WithRSAEncryption
64:6a:2d:76:ca:9d:80:7d:ad:fa:8c:8c:77:bc:06:8a:fa:67:
9b:1d:b1:51:5d:5a:9e:fb:4d:79:8c:26:a0:6f:39:d8:1e:1a:
e3:7a:62:bf:af:21:0a:84:1b:6f:02:6c:4f:5b:78:c5:be:8f:
74:e8:d5:0e:6c:33:77:e4:45:bf:9a:7e:12:14:7d:cf:b1:3a:
16:04:f3:5e:4c:39:40:9e:af:bd:af:18:a9:1a:4e:b8:20:fc:
8b:3a:88:3b:55:2a:af:bf:0d:3e:dc:b3:81:89:1a:cf:3e:e8:
f2:3b:07:41:76:4e:af:50:b5:8d:f7:00:2b:f0:87:ca:1e:0c:
51:fa:81:f7:b6:cc:eb:79:e6:1d:d2:66:0f:52:57:a3:d8:dc:
18:1b:cf:10:e0:7d:21:be:95:f5:59:eb:9b:d4:30:b9:ed:33:
85:21:bb:5b:4d:9b:c1:15:e9:0f:92:a4:72:3a:2d:46:9c:a1:
23:5f:f4:0a:c9:13:fc:a3:7f:0b:75:78:2c:c1:d7:94:36:1c:
65:f7:b5:ae:e4:04:6b:d5:c7:67:be:56:65:d5:91:73:17:47:
9d:e6:38:10:b3:e2:64:16:5a:ce:d9:05:12:88:51:a7:3c:2c:
9d:76:54:75:65:87:ee:cc:55:44:bc:b6:71:9a:02:c8:32:df:
ec:03:88:a0
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQiH5HRIAzSrPwvtYZlXLYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjUwMTAxMTM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2YwYzg3NmE2OGRlYjJkODkyOGM2ZDZmMjE2NmE5NzFlNjkwNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6U45btWeIYA7+pvBp9qZPQGL37rV
0mOi2jg8BIr3M2Pt6GmqHkzxmYxOy6jbPhIWZ3H3r7fg5pOSiPLuyRqc/YZfDC7Y
Jdu2nfoJ6+jKR4PZRxe4YcBDGvRiJ/pldUQID3vfP47oJKtcxZmN+dQyMEhFtFWe
BS5XsANfVy+T6b71DAJ9O751cUEE9d801cCN0AA/hSJhaYskFILhs+E5b6jlwf/0
tlbtfhCGnJV55dpyd80UreGodJIuSLlLx1LQ9zVArjhGtrMHjhVOp2afWIqlNUrW
xAFG07TPUgFaT6D1fAj8uRMdg1tU7pjhlS2wyEzxx4/Jt860N3IkMeksLwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLfwyHamjestiSjG1vIWapceaQSyMB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEvdF9ESWRxYU42eTJKS01iVzhoWnFseDVwQkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCjYqsMA4E
AgACMAgDBgYqAzwAwDANBgkqhkiG9w0BAQsFAAOCAQEAZGotdsqdgH2t+oyMd7wG
ivpnmx2xUV1anvtNeYwmoG852B4a43piv68hCoQbbwJsT1t4xb6PdOjVDmwzd+RF
v5p+EhR9z7E6FgTzXkw5QJ6vva8YqRpOuCD8izqIO1Uqr78NPtyzgYkazz7o8jsH
QXZOr1C1jfcAK/CHyh4MUfqB97bM63nmHdJmD1JXo9jcGBvPEOB9Ib6V9Vnrm9Qw
ue0zhSG7W02bwRXpD5KkcjotRpyhI1/0CskT/KN/C3V4LMHXlDYcZfe1ruQEa9XH
Z75WZdWRcxdHneY4ELPiZBZaztkFEohRpzwsnXZUdWWH7sxVRLy2cZoCyDLf7AOI
oA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:08 2025 by rpki-client on console.sobornost.net